twitter-to-binance-square

Pass

Audited by Gen Agent Trust Hub on May 30, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface
  • Ingestion points: scripts/auto_mirror.py retrieves tweet text from the vendor-managed Twitter API proxy (ai.6551.io).
  • Boundary markers: Absent. Tweet content is directly interpolated into a pre-defined text template before being sent to Binance Square.
  • Capability inventory: scripts/auto_mirror.py and scripts/mcp_server.py possess the capability to perform network POST/PUT requests to Binance Square and write state information to a local JSON file.
  • Sanitization: The script performs basic sanitization on tweet text, including removing t.co URLs, stripping retweet prefixes, and collapsing multiple newlines via regular expressions.
  • [COMMAND_EXECUTION]: Local Command Execution for Media Processing
  • The skill utilizes subprocess.run to call ffmpeg and ffprobe for video duration detection and cover frame extraction. Arguments are passed as a list, which effectively prevents shell injection attacks. These operations are confined to processing media files intended for upload.
  • [EXTERNAL_DOWNLOADS]: Remote Asset Retrieval
  • The skill fetches tweet metadata from the author's infrastructure (ai.6551.io) and downloads media assets from Twitter's content delivery network (pbs.twimg.com) or user-supplied URLs. These downloads are required for the skill's primary function of mirroring social media content.
  • [SAFE]: Verified Service Interaction
  • External communications are limited to well-known services (Binance, Twitter) and the vendor's own API domain. Credentials (API keys and tokens) are managed through environment variables rather than hardcoding, following standard security best practices.
Audit Metadata
Risk Level
SAFE
Analyzed
May 30, 2026, 03:01 PM
Security Audit — agent-trust-hub — twitter-to-binance-square